forrest is exactly right. I think the one addition you have to make is make key-signing be more than a binary concept, as in "I trust this person". It needs to be more of a way of verifying attributes. E.g. there should be a way of saying: